deleting a file using unlink()

Forum Moderators: coopster

Message Too Old, No Replies

deleting a file using unlink()

server

sebbothebutcher

7:25 pm on Apr 25, 2004 (gmt 0)

hi i have a question! i have a questbook, that stores every entry in a seperate file named
entry1.php
entry2.php
.
.
.
entryX.php

now i want the administrator to be able to delete the file by typing the message id into an input field, click a button and the entry is being deleted.

i've already solved the problem described above, but when the

unlink($file)

should delete the file, i get an error, saying that i don't have the rights to perform this action. how can i prevent this?

i am using apache 2.0.39

sebbothebutcher

4:04 pm on Apr 26, 2004 (gmt 0)

nobody there to help me? :'(

jatar_k

4:48 pm on Apr 26, 2004 (gmt 0)

take a look at what user your scripts are running as, you will have to change the user or update the permissions for this user.

sebbothebutcher

5:02 pm on Apr 26, 2004 (gmt 0)

thanks but how can i do this exactly?
i'm using apache 2.0.39 @ win2k
thanks in advance

MattyMoose

5:34 pm on Apr 26, 2004 (gmt 0)

from [httpd.apache.org...]

By default, all Apache services are registered to run as the system user (the LocalSystem account). The LocalSystem account has no privileges to your network via any Windows-secured mechanism, including the file system, named pipes, DCOM, or secure RPC. It has, however, wide privileges locally.

That means you need to go to your directory where your files are that you need to delete (I'll use this as an example: "C:\Apache2\myfiles").
Right-click on the directory (myfiles), select "Sharing and Security". Change the owner to LocalSystem, and change the permissions to "Full".

Enable the recursive option if you've got other subdirectories that you want to give the same permissions to.

here's a continuation of the quote from the link above, which you may want to do:

Never grant any network privileges to the LocalSystem account! If you need Apache to be able to access network resources, create a separate account for Apache as noted below.
You may want to create a separate account for running Apache service(s). Especially, if you have to access network resources via Apache, this is strongly recommended.
1. Create a normal domain user account, and be sure to memorize its password.
2. Grant the newly-created user a privilege of Log on as a service and Act as part of the operating system. On Windows NT 4.0 these privileges are granted via User Manager for Domains, but on Windows 2000 and XP you probably want to use Group Policy for propagating these settings. You can also manually set these via the Local Security Policy MMC snap-in.
3. Confirm that the created account is a member of the Users group.
4. Grant the account read and execute (RX) rights to all document and script folders (htdocs and cgi-bin for example).
5. Grant the account change (RWXD) rights to the Apache logs directory.
6. Grant the account read and execute (RX) rights to the Apache.exe binary executable.
It is usually a good practice to grant the user the Apache service runs as read and execute (RX) access to the whole Apache2 directory, except the logs subdirectory, where the user has to have at least change (RWXD) rights.

HTH,
-MM